Sr. Fullstack Engineer, Identity Platform

AI at Zapier

At Zapier we build and use automation every day to make work more efficient creative and human. So if youre using AI tools while applying here - thats great! We just ask that you use them responsibly and transparently.

Check out our guidance on How to Collaborate with AI During Zapiers Hiring Process including how to use AI tools like ChatGPT Claude Gemini or others during our hiring process - and when not to.

Job Posted: March 17 2026

Location: Americas - North Central and South America

Zapiers mission is to enable enterprise companies to build and maintain dependable AI workflows at scale. The Identity Platform team builds the golden path that every product team uses to deliver reliable consistent and secure experiences to these customers. Authentication session management and credential infrastructure are the foundation. Get them right and every product team ships faster with confidence. Were hiring a Senior Fullstack Engineer to own this foundation drive the strategic and architectural direction of this layer for years to come and directly unlock our largest enterprise deals.

What youll work on

• Enterprise authentication infrastructure. Youll design and extend the systems that handle SAML SSO SCIM provisioning OAuth/OIDC flows multi-factor authentication login sign-up and secure session for organizations with thousands of users. That spans the full auth surface: SCIM-driven user provisioning and de-provisioning invitation flows 2FA setup SSO-enforced login domain capture for auto-routing new signups and session hardening. Reliability latency and efficiency are non-negotiables; auth is the most critical-path system at the company. Youll make these systems faster more resilient and easier for other teams to integrate with.

• User session auth across services. Zapier is a multi-service platform. Youll own how user sessions propagate across service boundaries; making sure authentication context is consistent secure and performant whether a request hits the monolith a service or a Go microservice. Youll evolve JWT validation token exchange and session tracking to handle the complexity of a growing service footprint.

• Enterprise authentication controls and compliance. Enterprise customers need org-level authentication policy enforcement: forced SSO domain capture admin-managed authentication requirements and credential lifecycle controls like JWT key rotation token refresh and session expiry policies. Youll build and extend the APIs that give admins confidence their organization meets their security standards. SOC 2 access control evidence GDPR data subject requests and audit trail requirements are design constraints youll work within regularly not afterthoughts.

• Platform APIs that other teams depend on. Identity is infrastructure. Your APIs libraries and contracts are consumed by dozens of teams. Youll design for backward compatibility clear documentation and low integration friction. But shipping the API is half the job. Youll also drive adoption: writing integration guides running migration paths and embedding with product teams to help them use auth capabilities correctly. Internal engineering teams needs carry the same weight as end-customer value.

Level

This is a Senior Engineer role. Senior engineers at Zapier own outcomes end-to-end within their team and extend impact beyond it. Youll coordinate across ownership boundaries shape technical direction for adjacent systems and bring other engineers along with you.

Our level definitions may look different from what youve seen elsewhere. Well be transparent about leveling before you reach the final stages.

About you

• Youve set the vision and built identity systems for enterprise SaaS at scale. Not configured them built them. You have hands-on experience with SAML SCIM OAuth/OIDC or JWT in a multi-tenant SaaS environment. You understand authentication at a protocol level not a checkbox level. Youve dealt with token replay session fixation key rotation under load multi-IdP federation just-in-time provisioning or identity linking across auth methods in real systems serving real users. You know what breaks when an organization with 5000 employees connects their IdP to your platform for the first time. You are a thought leader in the Identity domain who proactively follows industry trends and Enterprise user management best practices.

• You work through AI agents not alongside them. Your daily development workflow is built around directing and reviewing agent-written code not writing it by hand. You have opinions about which models to use for which tasks youve hit real failure modes and built mitigations and your workflow is actively evolving. When you hit unfamiliar territory you dont slow down; you point your agent at the codebase research the domain and draft a plan. Then you build a POC or working prototype to demonstrate the concept in hours not iterate on a planning doc for days. You jump into unfamiliar codebases use your agent to map the landscape and ship draft MRs or integration proposals within days. At this level that means going into other teams code when an integration is blocked not waiting for their capacity. You use AI in your work today not occasionally but as part of how you operate at a high level. You can point to workflows youve built how your approach has evolved through iteration and the impact on quality efficiency and experience while intentionally applying AI for the right outcomes setting a high bar for outputs and taking ownership of what ships. Bonus: you enable others on your team to work this way too.

• You think in platforms not features. Youve built systems other engineering teams depend on. You know what it means to ship a breaking change to an internal API maintain backward compatibility under pressure and write contracts that hold up as the organization scales. You understand the cost of coupling and the discipline of good boundaries.

• Youre comfortable across the stack. This is a fullstack role on a platform team. Youll write backend services in Python and work with Django and Fastify touch React when building admin tooling or developer-facing UIs and navigate infrastructure concerns like Kubernetes Terraform and CI/CD pipelines. You dont need to be an expert in all of these but you cant be afraid of any of them.

• You believe enterprise can move fast and you ship through ambiguity to prove it. Youve seen (or want to prove) that shipping to enterprise customers doesnt have to mean slow waterfall-style cycles. When theres no spec no designs and no clear path forward your first instinct is to gather evidence break the problem into a narrow first slice and get rough working software into production within days not weeks. You use working prototypes to drive alignment rather than waiting for consensus. You see compliance security and rollout considerations as interesting design constraints not reasons to slow down. Youre comfortable throwing work away when direction changes and you treat discarded work as a fast learning loop not a loss.

• You work close to the customer. Customer for this team means both enterprise buyers evaluating Zapiers security posture and internal engineering teams integrating with your APIs. You pull from both; reviewing customer security questionnaires sitting in on enterprise calls reading support tickets and talking directly to engineers who consume your platform. Youll also work closely with customer support teams to provide them with the tools and processes to troubleshoot customer issues and incidents.

• You own your work yourself and your communication. You take initiative without waiting for permission and ship fast and share early. You manage up and across in an async-first culture flagging risks surfacing decisions and keeping stakeholders informed without being asked. You use written artifacts working demos and rough prototypes as your primary communication tools not meetings. You also own your mistakes your gaps and your role in friction openly. You say I dont know and I was wrong out loud early and without shame.

Things youll do

• Design and maintain authentication and session systems (SAML SCIM OAuth/OIDC MFA login sign-up 2FA user provisioning) as Zapier scales to larger and more security-conscious customers

• Own user session propagation and JWT validation across a multi-service architecture spanning Python and Go

• Build enterprise authentication controls and governance APIs: forced SSO domain capture credential lifecycle admin authentication policies

• Build and maintain platform libraries consumed by dozens of internal teams

• Treat reliability latency and efficiency of auth systems as non-negotiables; build the monitoring observability and audit logging to back that up

• Respond to authentication-related incidents and participate in on-call rotation

• Enable Security Enterprise Response and product team partners to move faster by removing auth bottlenecks and proactively surfacing what they need

• Join yearly company retreats that rotate to various cities throughout North America

Application Deadline:

The anticipated application window is 30 days from the date job is posted unless the number of applicants requires it to close sooner or later or if the position is filled.

Even though were an all-remote company we still need to be thoughtful about where we have Zapiens working. Check out this resource for a list of countries where we currently cannot have Zapiens permanently working.

Required Experience:

Senior IC